Created
January 21, 2020 09:43
-
-
Save Dmitry1987/4ad930d965f7b69f24eb13523c9d134c to your computer and use it in GitHub Desktop.
Dockerfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM python:3.6-buster | |
ARG NB_USER="ds-team" | |
ARG NB_UID="1000" | |
ARG NB_GID="100" | |
USER root | |
# Install all OS dependencies for notebook server that starts but lacks all | |
# features (e.g., download as all possible file formats) | |
ENV DEBIAN_FRONTEND noninteractive | |
RUN apt-get update \ | |
&& apt-get install -yq --no-install-recommends \ | |
python-enchant \ | |
awscli \ | |
wget \ | |
bzip2 \ | |
ca-certificates \ | |
sudo \ | |
locales \ | |
fonts-liberation \ | |
build-essential \ | |
git \ | |
libsm6 \ | |
lmodern \ | |
netcat \ | |
pandoc \ | |
texlive-fonts-extra \ | |
texlive-fonts-recommended \ | |
texlive-generic-recommended \ | |
texlive-latex-base \ | |
texlive-latex-extra \ | |
texlive-xetex \ | |
tzdata \ | |
unzip \ | |
nano \ | |
&& apt-get clean && rm -rf /var/lib/apt/lists/* | |
RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && \ | |
locale-gen | |
# Configure environment | |
ENV CONDA_DIR=/opt/conda \ | |
SHELL=/bin/bash \ | |
NB_USER=$NB_USER \ | |
NB_UID=$NB_UID \ | |
NB_GID=$NB_GID \ | |
LC_ALL=en_US.UTF-8 \ | |
LANG=en_US.UTF-8 \ | |
LANGUAGE=en_US.UTF-8 | |
ENV PATH=$CONDA_DIR/bin:$PATH \ | |
HOME=/home/$NB_USER | |
# Add a script that we will use to correct permissions after running certain commands | |
ADD fix-permissions /usr/local/bin/fix-permissions | |
RUN chmod a+rx /usr/local/bin/fix-permissions | |
# Enable prompt color in the skeleton .bashrc before creating the default NB_USER | |
RUN sed -i 's/^#force_color_prompt=yes/force_color_prompt=yes/' /etc/skel/.bashrc | |
# Create NB_USER wtih name ds-team user with UID=1000 and in the 'users' group | |
# and make sure these dirs are writable by the `users` group. | |
RUN echo "auth requisite pam_deny.so" >> /etc/pam.d/su && \ | |
sed -i.bak -e 's/^%admin/#%admin/' /etc/sudoers && \ | |
sed -i.bak -e 's/^%sudo/#%sudo/' /etc/sudoers && \ | |
useradd -m -s /bin/bash -N -u $NB_UID $NB_USER && \ | |
mkdir -p $CONDA_DIR && \ | |
chown $NB_USER:$NB_GID $CONDA_DIR && \ | |
chmod g+w /etc/passwd && \ | |
fix-permissions $HOME && \ | |
fix-permissions "$(dirname $CONDA_DIR)" | |
RUN HOME=/root pip install 'tini' \ | |
'notebook==6.0.0' \ | |
'jupyterhub==1.0.0' \ | |
'jupyterlab==1.2.1' | |
USER $NB_UID | |
WORKDIR $HOME | |
# Setup work directory for backward-compatibility | |
RUN mkdir /home/$NB_USER/temp && \ | |
fix-permissions /home/$NB_USER | |
EXPOSE 8888 | |
# Configure container startup | |
ENTRYPOINT ["tini", "-g", "--"] | |
CMD ["start-singleuser.sh"] | |
# Add local files as late as possible to avoid cache busting | |
COPY start.sh /usr/local/bin/ | |
COPY start-notebook.sh /usr/local/bin/ | |
COPY start-singleuser.sh /usr/local/bin/ | |
# Fix permissions on /etc/jupyter and /usr/local/bin/ as root | |
USER root | |
RUN chmod +x /usr/local/bin/start.sh && \ | |
chmod +x /usr/local/bin/start-notebook.sh && \ | |
chmod +x /usr/local/bin/start-singleuser.sh && \ | |
fix-permissions /usr/local/bin/ | |
RUN mkdir /etc/jupyter/ && fix-permissions /etc/jupyter/ | |
# Switch back to ds-team | |
USER $NB_UID | |
RUN mkdir -p /opt/conda/envs | |
# This script will generate all kernels from files | |
COPY ./kernels /opt/conda/kernels | |
COPY ./generate-kernels.sh /opt/conda | |
USER root | |
RUN ["/bin/bash", "-c", "chmod +x /opt/conda/generate-kernels.sh"] | |
USER $NB_UID | |
RUN ["/bin/bash", "-c", "/opt/conda/generate-kernels.sh"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment